how do other countries do it? we can copy their laws and procedures
On Mon, Jul 13, 2009 at 5:20 PM, Pablo Manalastas<[email protected]> wrote:
>
> --- On Mon, 7/13/09, Zak B. Elep <[email protected]> wrote:
>
>> Just thinking out loud:
>>
>> Would it be possible for Comelec to provide you these things all with
>> a corresponding digital signature? Ideally, could Comelec provide a
>> publicly-accessible GPG key that you could use to verify the sources
>> (and could possibly be used later on to verify the results,) in a way
>> similar to Archive Signing Keys for software packages?
>
> There is no tech-savvy person in Comelec who knows how to do this,
> and so Comelec is relying on Smartmatic to do everything for them.
> Smartmatic could probably be asked to GPG-sign the source code.
> Actually, they have agreed to SSL-sign all machine executables to prove that
> the executables came from them, but there is no assurance that the 82,000
> signed executables running on those 82,000 PCOS machines are all
> the same, even if Smartmatic has signed them. Their signature only
> proves that they are the source of the program, and not that all the PCOS
> executables are the same.
>
>
>> > REGARDING LINUX SYSTEM ADMIN SETTINGS OF THE ELECTION COMPUTERS:
>
>> g. is everything (the application, the election data, the OS itself,
>> even the logs) subject to a backup system, possibly to a different
>> (but possibly publicly accessible) location?
>
> All these data are required to be backed up in CF cards, according to the
> Comelec Terms of Reference (ToR). Just backing up the ballot images (tiff
> files) will use up a lot of bandwidth, which Smartmatic can not get under the
> current state of cellular infrastructure.
>
>> h. is there a process of the election application deployment that puts
>> in verification (e.g. something like a GPG signature verification of
>> the application binaries and/or source,) which could also be extended
>> to the data/results?
>
> The precinct election returns (ER) will be SSL-signed by the BEI teachers,
> with secret keys/public keys provided by Smartmatic. This procedure is so
> ridiculous and immoral, since the secret keys will be known to the signers
> (BEI teachers) only during election day, but Smartmatic will already know the
> teachers' secret for a long time before election day. We will suggest to
> Comelec that the teachers use GPG secret keys/public keys that they generate
> without help from Smartmatic or Comelec, and for the public keys to be signed
> by their supervisors at DepEd.
>
> For the election application, we would like the simpler SHA1 checksum
> computation from the original executables compiled from the approved source
> code. On election day, the BEI teachers will just redo the checksum
> computations to verify that the executables have not been changed. We do not
> trust the Smartmatic-signed executables, because Smartmatic can sign several
> different versions of the executables and you will never know which version
> you are getting, since there will be 82,000 of those PCOS machines and 2,000
> CCS/BOC machines.
>
>> i. related to h., is there some sort of public infrastructure that
>> would allow independent verification of the (automated) result output?
>
> Can you propose a procedure for doing this? The law provides that Comelec
> can select one precinct in every congressional district in which to do a
> manual audit, but that is hardly verifying the national election picture.
>
>
>> j. since this is all supposed to be 'automated', are all the machines
>> to be deployed using an automatic configuration management system
>> (like CFEngine or Puppet) so possible preconditions like those above
>> could be declared and verified?
>
> Smartmatic will use an automated EMS (election management system) to convert
> the Comelec data for the different precincts into
> EML (election mark-up language) files for configuring each precinct's CF card
> that contains customization and configuration data. Each PCOS machine has an
> EML interpreter built in.
>
> Thank you Zak.
>
> //Pablo
>
> _________________________________________________
> Philippine Linux Users' Group (PLUG) Mailing List
> http://lists.linux.org.ph/mailman/listinfo/plug
> Searchable Archives: http://archives.free.net.ph
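
The distinction drawn in the quoted message, between a vendor signature (proves origin) and a checksum against the build compiled from the approved source (proves sameness), as an added example that is not part of the thread. Assumptions: the key, build contents and machine ids are constructed, HMAC stands in for the vendor's public-key signature, and SHA-256 is used in place of the SHA1 named in the message.

```python
import hashlib
import hmac

# Constructed sample data: two builds the vendor could both sign.
VENDOR_KEY = b"constructed-vendor-key"
APPROVED_BUILD = b"executable compiled from the approved source (constructed)"
OTHER_BUILD = b"a different vendor build (constructed)"


def vendor_sign(blob: bytes) -> bytes:
    # Assumption: HMAC stands in for the vendor's public-key signature.
    return hmac.new(VENDOR_KEY, blob, hashlib.sha256).digest()


def signature_ok(blob: bytes, sig: bytes) -> bool:
    # Answers only "did the vendor sign this?", not "is this the approved build?"
    return hmac.compare_digest(vendor_sign(blob), sig)


def checksum(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()


def audit(machines: dict, reference: str) -> dict:
    """Map machine id -> (vendor signature valid, matches reference checksum)."""
    return {
        mid: (signature_ok(blob, sig), checksum(blob) == reference)
        for mid, (blob, sig) in machines.items()
    }


def distinct_builds(machines: dict) -> int:
    return len({checksum(blob) for blob, _ in machines.values()})


# Reference checksum published from the approved-source build.
REFERENCE = checksum(APPROVED_BUILD)
# Hypothetical machine ids; each entry is (installed executable, its signature).
MACHINES = {
    "pcos-0001": (APPROVED_BUILD, vendor_sign(APPROVED_BUILD)),
    "pcos-0002": (OTHER_BUILD, vendor_sign(OTHER_BUILD)),
    "pcos-0003": (APPROVED_BUILD, vendor_sign(APPROVED_BUILD)),
}

if __name__ == "__main__":
    for mid, (signed, approved) in sorted(audit(MACHINES, REFERENCE).items()):
        print(f"{mid}: vendor-signed={signed} matches-reference={approved}")
    print("distinct builds deployed:", distinct_builds(MACHINES))
```

Every machine passes the signature check, but only the reference comparison exposes the machine running a different signed build.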

